FTC Testifies on Protecting Consumers Telephone Records

Cross Border Legislation Could Enhance Law Enforcement Efforts

For Release

September 29, 2006

The Federal Trade Commission today told the House Committee on Energy and Commerce Subcommittee on Oversight and Investigations that protecting the privacy of consumers’ telephone records requires a multi-faceted approach. Joel Winston, Associate Director of FTC’s Division of Privacy and Identity Protection, said that coordinated law enforcement efforts targeting pretexters, steps by telephone carriers to protect their records from intrusion, and educating consumers about actions they can take to protect their records, will help safeguard consumers’ telephone records.

The testimony notes that the agency has filed five lawsuits in federal district courts targeting data brokers who sold consumer telephone records without the consumer’s knowledge or consent. The agency charged them with violating the FTC Act, which bars unfair and deceptive acts. The agency currently is investigating other firms that may be engaged in telephone records pretexting, the testimony said.

“Aggressive law enforcement is at the center of the FTC’s efforts to protect consumers’ sensitive information,” the testimony states. “In addition to the Commission’s recent lawsuits against data brokers who sold consumer telephone records, the FTC has taken law enforcement action against several companies allegedly offering . . . access to consumers’ financial records . . . Such efforts demonstrate the Commission’s commitment to challenging business practices that unnecessarily expose consumers’ sensitive data, and to helping consumers protect themselves against criminals who would steal their personal information,” it says.

The testimony notes that protection of consumers’ personal information also must be guarded by entities that handle and maintain sensitive consumer information. The Commission has taken law enforcement actions against firms that have “failed to implement reasonable security and safeguard processes for consumer data.”

According to the testimony, the FTC has used the FTC Act to combat pretexting to obtain sensitive consumer information. “However, it would further assist the FTC’s enforcement in this area to have more specific prohibitions against pretexting for consumer telephone records obtained through actual or reasonably known pretexting activity.”

“The FTC also would recommend that Congress give the Commission authority to seek civil penalties against violators,” the testimony states. “Often, penalties can be the most effective civil remedy in these areas to provide real deterrence.”

“Finally, the FTC staff learned through its investigation that some Web sites offering these records were registered to foreign addresses. This finding underscores the importance of the Commission’s previous recommendation that Congress enact cross-border fraud legislation. The proposal, called the US SAFE WEB Act, will overcome many of the existing obstacles to information sharing in cross-border investigations,” the testimony states.

The Commission vote to issue the testimony was 5-0.

Copies of the testimony are available from the FTC’s Web site at http://www.ftc.gov and also from the FTC’s Consumer Response Center, Room 130, 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580. The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint in English or Spanish (bilingual counselors are available to take complaints), or to get free information on any of 150 consumer topics, call toll-free, 1-877-FTC-HELP (1-877-382-4357), or use the complaint form at http://www.ftc.gov/ftc/complaint.htm. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to thousands of civil and criminal law enforcement agencies in the U.S. and abroad.